Cryptocurrency exchange Suex hit with sanctions by US Treasury Department for alleged role in laundering ransomware payments
The US Treasury Department is following through on its promise to take action against payments to hackers following ransomware attacks.
Last week it was revealed that the US Treasury department planned to impose sanctions, against ransomware crypto payments.
On Tuesday the department confirmed its first set of actions “focused on disrupting criminal networks and virtual currency exchanges responsible for laundering ransoms.”
The US Treasury Department (working with the FBI) alleged that the virtual crypto exchange Suex “has facilitated transactions involving illicit proceeds from at least eight ransomware variants.”
“Analysis of known Suex transactions shows that over 40 percent of Suex’s known transaction history is associated with illicit actors,” said the Treasury. “ Suex is being designated pursuant to Executive Order 13694, as amended, for providing material support to the threat posed by criminal ransomware actors.”
It said that virtual currency exchanges such as Suex are critical to the profitability of ransomware attacks, which help fund additional cybercriminal activity.
It said that the US Treasury will continue to disrupt and hold accountable these entities to reduce the incentive for cybercriminals to continue to conduct these attacks.
But what are the real world consequences for the Suex exchange of US Treasury sanctions?
Well, because of its new designation, all property and interests in property of the designated target that are subject to US jurisdiction are blocked, and US persons are generally prohibited from engaging in transactions with them.
Additionally, any entities 50 percent or more owned by one or more designated persons are also blocked.
In addition, financial institutions and other persons that engage in certain transactions or activities with the sanctioned entities and individuals may expose themselves to sanctions or be subject to an enforcement action.
Essentially it makes it much harder for Suex to do business with US entities or US citizens.
Do not pay ransoms!
In addition to the action against Suex, the US Treasury also clarified its guidance for businesses on how to respond to ransomware attacks.
The guidance “strongly encourages victims and related companies to report these incidents to and fully cooperate with law enforcement as soon as possible.”
The guidance also continues to discourage businesses from paying ransoms.
And the advisory also warns that US entities could be penalised for making payments to a sanctioned actor, even if they’re unaware of that fact, like in the case of paying a ransom.
Ransomware threats at an all time high and rapidly becoming a national security issue, the Biden administration is seeking to disrupt digital finance infrastructure that facilitates ransomware cyber attacks.
Despite this, hackers and criminals gangs have been gathering millions of dollars from ransomware payments.
In May for example, the CEO of Colonial Pipeline publicly confirmed that the pipeline had paid the DarkSide criminal gang its ransom demand of 75 Bitcoin (worth $4.4 million at the time of payment.
At the same time security researchers at London-based Eliptic identified the Bitcoin digital wallet used by DarkSide to extract ransoms from their victims.
Elliptic also revealed DarkSide and its affiliates had bagged at least $90 million in bitcoin ransom payments in total from various ransomware victims.
Meanwhile CNA Financial, one of the largest US insurance companies, paid $40 million to free itself from a ransomware attack that occurred in March.